package com.gillion.tms.utils;

import com.gfa4j.security.data.entity.IDataPermission;
import com.gfa4j.security.data.entity.ITable;
import com.gfa4j.utils.ContextHolder;

import com.gillion.business.model.SysAclTable;
import com.gillion.business.model.SysRoleAcl;
import com.gillion.tms.entity.DataPermission;
import com.gillion.tms.entity.Table;

import com.google.common.collect.Lists;
import org.apache.commons.lang3.StringUtils;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowCallbackHandler;

import javax.sql.DataSource;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.List;

/**
 * Created by wengms on 2015/4/23.
 */
public class DataPermissionUtils {

    /**
     * 通过用户名加载该用户的所有权限表
     * @param username
     * @return
     */
    public static Collection<ITable> loadTableByUser(String username){
        DataSource dataSource = ContextHolder.getBean(DataSource.class);
        JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource);
        Collection<ITable> tables = Lists.newArrayList();

        //1.先获取当前用户的角色
        //2.获取所有的表配置
        //3.获取对应角色下表的所有权限配置
        String roleQuerySql = "SELECT\n" +
                                "	t2.ROLE_ID\n" +
                                "FROM\n" +
                                "	sys_user t1\n" +
                                "LEFT JOIN sys_role_user t2 ON t1.USER_ID = t2.USER_ID\n" +
                                "WHERE\n" +
                                "	t1.USERNAME = ?";

        List<String> roles = jdbcTemplate.queryForList(roleQuerySql, String.class);
        jdbcTemplate.query("SELECT * FROM SYS_ACL_TABLE", new RowCallbackHandler() {
            @Override
            public void processRow(ResultSet rs) throws SQLException {
                SysAclTable sysAclTable = new SysAclTable();
                String tableId = rs.getString("ACL_TABLE_ID");
                sysAclTable.setAclTableId(tableId);
                sysAclTable.setAclMode(rs.getByte("ACL_MODE"));
                sysAclTable.setTableName(rs.getString("TABLE_NAME"));
                Table table = new Table(sysAclTable);
                Collection<IDataPermission> dataPermissions = loadDataPermissionByRoleAndTable(roles,tableId);
                table.setDataPermissions(dataPermissions);
                tables.add(table);
            }
        });
        return tables;
    }

    /**
     * 通过角色列表和表ID加载权限配置
     * @param roleIds
     * @param tableId
     * @return
     */
    private static Collection<IDataPermission> loadDataPermissionByRoleAndTable(Collection<String> roleIds,String tableId){
        Collection<IDataPermission> dataPermissions = Lists.newArrayList();
        DataSource dataSource = ContextHolder.getBean(DataSource.class);
        JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource);
        String roleIdStr = StringUtils.join(roleIds,",");
        String querySql = "SELECT\n" +
                            "	t1.ROLE_ID,\n" +
                            "	t2.CONDITION_SQL,\n" +
                            "	t2.CRUD_TYPE,\n" +
                            "	t2.ACL_TABLE_ID\n" +
                            "FROM\n" +
                            "	sys_role t1\n" +
                            "JOIN sys_role_acl t2 ON t1.ROLE_ID = t2.ROLE_ID\n"+
                            "WHERE t1.ROLE_ID IN ("+roleIdStr+")\n"+
                            "AND T2.ACL_TABLE_ID = ?";
        jdbcTemplate.query(querySql, new RowCallbackHandler() {
            @Override
            public void processRow(ResultSet rs) throws SQLException {
                SysRoleAcl sysRoleAcl = new SysRoleAcl();
                sysRoleAcl.setCrudType(rs.getByte("CRUD_TYPE"));
                sysRoleAcl.setConditionSql(rs.getString("CONDITION_SQL"));
                DataPermission dataPermission = new DataPermission(sysRoleAcl);
                dataPermissions.add(dataPermission);
            }
        },tableId);
        return dataPermissions;
    }


}
